Program kaspersky security Center is a unique tool that allows you to control the security of corporate networks and centrally manages various security tools
The Control Center is responsible for monitoring the activities of programs, their opening and blocking malicious software. Under its influence are all applications and programs installed on computers that are connected to the corporate network. The administrator manages user actions either by adjusting their own security settings or by using standard templates.
Kaspersky Security Center constantly checks the system for weaknesses, updates protective components, monitors for updates for the running software. When checking the system, the program provides reports on its actions. Reports are generated automatically when regular checking is activated, however, the tool is able to generate them at the request of the user, and translate them into files PDF formats, HTML and XML.
The intuitive interface provided by the program facilitates the user's work.
Choosing Kaspersky Lab products, you get reliable protection of your IT infrastructure and the ability to control security in your company using a single convenient management console Kaspersky Security Center.
Previously, the IT department had to work simultaneously with multiple management consoles to manage numerous security tools, as well as to perform basic system administration functions. Kaspersky Lab has created a solution that simplifies the administrator's work.
Ease of Management
The main goal of creating Kaspersky Security Center was to simplify and speed up the process of setting up, launching and managing IT security tools and systems in a complex IT environment. A single management console helps you control all the security and system administration tools you use at Kaspersky Lab. With Kaspersky Security Center, you can control every workstation and every device on your network, centrally manage security tasks, and reduce operational costs and increase productivity.
Intuitive interface
When developing Kaspersky Security Center, our specialists tried to provide the user with the most easy-to-use interface with well-organized dashboards.
Easy Installation
With the installation wizard, you can quickly and easily install and configure Kaspersky Lab security solutions throughout your IT environment.
Remote access
In addition to the local management console, Kaspersky Security Center has a convenient web console. The presence of such a console allows you to use any computer with Internet access to monitor the status of protection corporate network.
Simple reporting
Kaspersky Security Center allows you to create and configure various protection status reports. Reports can be generated both on demand and according to a specified schedule.
Support for multi-platform environments
Working in the operating room Windows system, Kaspersky Security Center supports management of multiple operating systems and platforms, including servers and workstations running Windows control, Linux and Novell Netware as well as mobile devices Android control, iOS, BlackBerry, Symbian, Windows Mobile And Windows phone.
Kaspersky Security Center is included in Kaspersky TOTAL Security for Business and in all products Kaspersky Endpoint Business Security: START, STANDARD and ADVANCED. Kaspersky Security Center will include only those management tools that are required to work with the Kaspersky Lab product of your choice. If you decide to upgrade to a higher level of Kaspersky Endpoint Security for Business or to the most complete Kaspersky TOTAL Security for Business solution, the Kaspersky Security Center management console will automatically display additional funds management.
Installation, configuration, and management of desktop protection in Kaspersky Lab solutions are performed in Kaspersky Security Center. From a single console, you can manage and protect your business from known and emerging malware, prevent IT security risks, and reduce defense costs.
The demand for access to corporate systems from mobile devices is growing, and Kaspersky Security Center helps protect them and ensure the safety of using personal devices for work.
When you purchase Kaspersky Endpoint Security for Business STANDARD, Kaspersky Endpoint Security for Business ADVANCED, Kaspersky TOTAL Security for Business, or Kaspersky Security for Mobile, all mobile device management capabilities will be available in Kaspersky Security Center. Thus, you can use a single console to manage your mobile devices, protect workplaces, and many other Kaspersky Lab technologies.
In addition to detailed control over IT infrastructure security, Kaspersky Security Center provides system administration tools that simplify infrastructure management tasks and allow you to increase productivity and reduce operational costs.
All system administration tools will be available in your Kaspersky Security Center management console if you use Kaspersky Endpoint Security for Business ADVANCED, Kaspersky TOTAL Security for Business, or Kaspersky Systems Management.
Kaspersky Security Center manages the operation of the following Kaspersky Lab solutions for protection against information threats:
Please note that support for some versions of security solutions for Microsoft Exchange and ISA Server, as well as previous versions applications to protect servers and workstations under Linux control is still carried out using Kaspersky Administration Kit, the previous version of the centralized management tool for the protection system.
| Software requirements: | Hardware requirements: |
|---|---|
| Database management system:
| |
| 32-bit OS: | |
| 64-bit OS:
|
| Software requirements: | Hardware requirements: |
|---|---|
| 32-bit OS:
|
|
| 64-bit OS:
|
| Software requirements: | Hardware requirements: |
|---|---|
| 32-bit OS:
|
|
| 64-bit OS:
|
Kaspersky TOTAL Security for Business includes all features of Kaspersky Security Center. When using other Kaspersky Lab products, the set of Kaspersky Security Center features will depend on the functionality of the selected solution.
New Web Console
The main advantages of the Web Console compared to MMC:
Does not require client-side installation, only a web browser is needed
Since you only need a browser, it does not matter what operating system
If you work on a mobile device, you can view reports directly from the beach
The Web Console supports the User-Centric model, that is, the administrator assigns the policy not to the device, but to the user. The user-centric management model works if devices are assigned owners in AD. The KSC will be able to retrieve this information and assign policy profiles to device owners instead of devices. The old Device-Centric management model, where policy profiles were assigned to devices, remains available and applied by default.
Web Console is a separate distribution. It can be installed both on a computer with KSC and on a separate computer.
Interaction scheme:
The Web Console is a web server based on the Node.js platform.
The server part of the Web Console connects to the KSC using the new KSC Open API protocol based on HTTPs. The client part is a SPA (Single Page Application).
In its simplest form, a SPA is a web application whose components are loaded once per page, and the content is loaded as needed. Those. when we click on any interface element in the Web Console, JavaScript is launched, which loads the modules and renders what we requested. And everything will look as if we have moved to another page.
Change in the interface of the MMC administration console
There are several new nodes in the console tree:
Multitenant applications - LC applications that have Multitenancy support functionality, for example, KSV, can get here.
Deleted objects - deleted entities such as tasks, policies, installation packages get here
Triggering of rules in Smart Training mode - information about triggering rules in training mode for the new AAC component is included here
Active threats (formerly known as Unprocessed files)
So, what can get into the Deleted objects node. All entities that have the Revisions section in their properties end up in the Deleted objects node after being deleted.
Namely: - Policies - Tasks - Installation packages - Virtual Administration Servers - Users - Security groups - Administration groups
We can say that this is an analogue of the Recycle Bin in Windows.
Common and through forKSC subnet list
In KSC, subnets can be used in multiple locations. For example, in the properties of KSC, when we want to limit the transmission of traffic in time. In the Agent's policy, when setting up connection profiles.
In KSC 10, you had to set subnet parameters separately in each of these places, which was not very convenient.
In KSC 11, a new section appeared in the Administration Server properties, where you can specify a list of subnets within an organization once, and this list will be available anywhere in KSC where a subnet must be selected as a parameter.
Installation package: protection level indicator
The KES 11.1 installation package in KSC 11 no longer has installation options.
On the other hand, we added a protection indicator to the properties of the installation package; previously, such an indicator was only in the policy. If the administrator decides to disable the installation of an important component of KES 11.1, the indicator will change color. You can also see what influenced the change in the protection level.
KSC 11 : supportdiff - update files
Update servers store several sets of databases, complete and so-called diff files (difference (delta) between the current and previous update). Diffs can be daily or weekly. KSC 10 could only download full set bases, now he can download both sets, full and diffs.
The paradox is that KES has been able to work with diffs for a long time, but only when updating from the Internet, now KES can use diffs when updating from KSC. This will significantly reduce internal traffic many times over.
Network Agents: Supportdiff - update files
The option to download updates in advance (offline update mode) is enabled in the default Agent policy
Retransmission of Diff files does not work when offline update mode is enabled
Diff files will not be transferred to older versions of Agents
BUT! In the properties of the Network Agent, there is an option "Download updates from KSC in advance". So if this option is enabled, and it is enabled by default, then KES will be updated the old fashioned way without using diffs.
KSC 11 Update Agents
Update Agents are now also able to distribute DIFF update files.
In addition, they can now act as a KSN Proxy and can redirect KSN requests from protected devices to the Administration Server or directly to global KSN servers.
updateAgent: support for 10,000 nodes
By default, KSC assigns Update Agents automatically.
In KSC 10, if the administrator wanted to assign an Update Agent manually, then in large networks this caused inconvenience. Why? Because before one Update Agent could support up to 500 hosts. And if there are several thousand hosts in the network, then many Update Agents had to be assigned to cover the entire network. In addition, not every computer can become an Update Agent, it must meet certain system requirements.
In general, manually assigning an Update Agent in large networks used to be a daunting task.
Now this problem has disappeared, because. now one Update Agent supports up to 10,000 hosts.
Since the number of supported hosts has increased, the system requirements to a computer that can be assigned an Update Agent (CPU frequency 3.6GHz or higher, RAM 8GB or more, Free disk space 120GB or more)
FolderKLSHARE has moved: C:\ProgramData\KasperskyLab\adminkit\1093\.working\share\
KSC 11: Plugin Backwards Compatibility KES
KSC11 introduces backwards compatibility of KES plugins.
Previously, if the network used different versions KES, the administrator had to maintain separate sets of policies and tasks for each version. Now, the policies and objectives of KES 11.1 will also apply to KES 11.
KSC 11: remote installation
A new section has appeared in the remote installation wizard - Behavior for devices managed through other Administration Servers.
If there are multiple KSC servers on the network, they can see the same devices. This option allows you to avoid installation on a device that is connected to another KSC.
KSC 11: Improvements inRBAC
First, RBAC no longer requires a license for the Administration Server.
Secondly, new roles have appeared: - Auditor - Security Officer - Supervisor. By default, they are not assigned to anyone.
Thirdly, it became possible to retransmit the list of roles to slave Administration Servers. Previously, you had to work with roles separately on each Server, which was not very convenient. Now you can create and configure roles in one place on the Main Administration Server and move them down the hierarchy.
KSC 11: new reports
Report on the status of application components– allows the administrator to visually understand where which components are installed and their current status. This important information, because an installed but not running component reduces the effectiveness of the protection of the end node. Previously, the administrator did not have the opportunity to view the status of KES components in one place on all devices at once. To find out which components are installed and running, I had to look at each host separately, which was inconvenient and time consuming.
If necessary, based on this report, you can build detailed reports on individual components, for example, to see where the Endpoint Sensor is installed.
reportonthreatdetectiondistributedbycomponentanddetectiontechnology- information about which particular protection component detected the threat and with the help of which technology. This allows you to visually show the work of detecting technologies and the usefulness of protection components.
Integration withSIEM via syslog
To send events from the KSC to the SIEM system via syslog protocol no longer need a license.
But this only applies to Syslog, integration with ArcSight, QRadar and Splunk still requires a license!
Update installation diagnosticsWindows
This option automatically enables Network Agent tracing. Trace files are stored in the folder - %WINDIR%\Temp
TOTALKSC 11 :
A full-fledged KSC Web Console has appeared
Implemented support for DIFF update files
Implemented support for backward compatibility of KES plugins
Update Agents can act as a KSN proxy and support up to 10,000 nodes
Adding new roles to RBAC does not require a KSC license
New reports added
Integration with SIEM systems via syslog no longer requires a license
Extended Windows update installation diagnostics
Regardless of whether you manage ten or several thousand workstations as part of a centralized, distributed or mixed IT infrastructure, installation, configuration and administration of all Kaspersky Lab security solutions is carried out through a single management console.
Centralized management. Scalability. Flexibility
Kaspersky Security Center allows you to provide efficient multi-platform mobile device management (MDM), vulnerability monitoring and patch management, as well as control of devices and applications allowed to be used in your corporate network.
Kaspersky Security Center supports multi-level protection and management technologies that are activated through a single convenient console. Kaspersky Security Center makes it easy to scale the protection system and add new tools and functions to it - both in small, rapidly growing companies and in large corporations with a complex distributed IT infrastructure. Each next level of the Kaspersky Security for Business solution opens additional features protection and management within a single platform - according to your current needs.
Levels of Kaspersky Security for Business: gradual expansion of functionality
| Malware Protection |
Control of applications, devices, web control |
Mobile Security |
Data encryption | System administration |
Protection mail servers, internet gateways and servers joint work |
|
| STARTING | ||||||
| STANDARD | ||||||
| ADVANCED | ||||||
| TOTAL SECURITY |
Centralized management allows you to increase the transparency of the corporate IT infrastructure, optimize costs and achieve maximum efficiency protection system management. The tightly integrated functions and tools within Kaspersky Security Center (KSC) provide efficient management of all technologies implemented in a unified Kaspersky Lab security platform.
BEST DEFAULT SETTINGS
Especially relevant for small companies that do not always have enough IT resources to perform additional administrative tasks. Use the settings recommended by our experts, or choose the ones that are right for you.
SUPPORT FOR MULTIPLATFORM ENVIRONMENTS
Security management of physical (Windows®, Linux®, Mac), mobile (Android™, iOS, Windows Phone) and virtual devices within the corporate IT infrastructure is carried out through a single console.
SCALABLE PROTECTION FOR COMPANIES OF ANY SIZE
Support for up to a million Active Directory® objects, as well as differentiation of administrator rights based on roles and settings profiles, provide flexible operation of the solution in complex environments.
EXTREME INTEGRATION CAPABILITIES
Integration with major SIEM systems for reporting and security. Integration with external systems NAC including Cisco® NAC, Microsoft® NAP and SNMP server.
REMOTE OFFICE SUPPORT
Traffic optimization and flexible patch distribution. Local work station can act as an update agent for the entire remote office, enabling updates to be deployed remotely and reducing traffic between offices.
DETAILED REPORTS
A wide range of pre-installed report templates, with the ability to customize and generate individual reports. Additional dynamic filtering and sorting of reports by any parameters.
WEB CONSOLE
Allows for efficient remote control security of workplaces and mobile devices.
VIRTUALIZATION SUPPORT
Virtual machine recognition and load balancing during periods of intensive work, as well as the prevention of performance-degrading anti-virus "storms" - all through a single management console.
HOW TO BUY
Kaspersky Security Center is included in all levels of the line, as well as a number of solutions for protecting individual network nodes.
For consultation and receiving a commercial offer, send a request to the address: [email protected]
This material was prepared for professionals involved in the management antivirus protection and safety in the enterprise.
This page describes and analyzes the most interesting features of the latest versions of Kaspersky Endpoint Security 10 and the central management console of Kaspersky Security Center 10.
The information was compiled based on the experience of communication by NovaInTech specialists with system administrators, heads of IT departments and security departments of organizations that are just switching to Kaspersky anti-virus protection, or are undergoing the process of switching from using the 6th version of the anti-virus on client computers and the Administration management console Kit 8. In the latter case, when anti-virus protection from Kaspersky Lab is already in use, it is also common for IT specialists not to know the most interesting moments in the operation of new versions of products that really help to make life easier for these same IT specialists, and at the same time increase level of security and reliability.
After reading this article and watching the videos, you can briefly get acquainted with the most interesting functionality that provides latest version management consoles of Kaseprky Security Center and Kaspersky Endpoint Security and see how it works.
You can find the necessary distributions on the official website of Kaspersky Lab:
ATTENTION! To distribution full version Kaspersky Security Center is already included in the distribution kit of Kaspersky Endpoint Security of the latest version.
First of all, I would like to tell you how to start installing anti-virus protection from Kaspersky Lab: Not from the anti-viruses themselves on client computers, as it might seem at first glance, but from installing the administration server and the central management console of Kaspesky Security Center (KSC ). With this console, you can deploy anti-virus protection on all computers in your institution much faster. In this video you will see that after installation and minimum setting KSC administration server, it becomes possible to create an installer of an anti-virus solution for client computers, which even a completely unprepared user can install (I think every administrator has such "users") - the installation interface contains only 2 buttons - "Install" and "Close".
The administration server itself can be installed on any computer that is always on or maximum available, this computer must be visible to other computers on the network, and Internet access is very important for it (for downloading databases and synchronizing with the KSN cloud).
Watch the video, even if you have installed the center console before, but of previous versions - you may hear and see something new for yourself...
It is often found that in small organizations, system administrators install and configure anti-virus protection on each computer manually. Thus, the time they spend on maintaining anti-virus protection increases and they do not have enough time for some more important tasks. There are cases when administrators, simply due to lack of time, simply do not know that corporate versions of anti-virus protection from Kaspersky Lab have centralized management at all, and do not know that this miracle of civilization does not have to pay anything.
In order to "link" already installed client antiviruses with the administration server, you need very little:
After these actions, your computers will be visible to you from the central console, users will no longer be able to manage the antiviruses installed on their machines and, as a result, fewer infections and less headache for the administrator.
In the video below, I will try to describe the scenarios for installing NetAgents on client computers, depending on how your network is arranged.
